Add individual credentual verification

fmerg · fmerg · commit 9d9bf3f6f57a · 2024-10-30T14:58:07.000+02:00
diff --git a/test_ssi.py b/test_ssi.py
@@ -61,6 +61,24 @@ def _issue_credential(self, issuer_keypath, issuer_did, holder_did, outfile):
         return res, code
 
 
+    def _verify_credential(self, vcfile, schema=None, allowed_issuer=None):
+        command = ["waltid-cli", "vc", "verify"]
+        args = ["-p", "signature", vcfile]
+
+        if schema:
+            args = ["-p", "schema", f"--arg=schema={schema}"] + args
+
+        if allowed_issuer:
+            args = ["-p", "allowed-issuer", f"--arg=issuer={allowed_issuer}"] + args
+
+        # TODO: removed_status_list goes here!
+
+        command = command + args
+        res, code = self._run_cmd(command)
+
+        return res, code
+
+
     def _create_presentation(
         self,
         holder_keypath,
@@ -114,9 +132,45 @@ def issue_credential(self, issuer_keypath, issuer_did, holder_did, content, clea
         token = self._read_token("credential.signed.json", clean=clean)
         credential = self._decode_token(token)
 
+        if clean:
+            os.remove(outfile)
+
         return credential, token
 
 
+    def verify_credential(
+        self,
+        token,
+        schema=None,
+        allowed_issuer=None,
+        clean=True
+    ):
+        vcfile = self._dump_token(token, "credential.signed.jwt")
+
+        res, code = self._verify_credential(
+            vcfile, schema=schema, allowed_issuer=allowed_issuer
+        )
+
+        if not code == 0:
+            raise SSIVerificationError(res)
+
+        if "ERROR" in res.upper():
+            raise SSIVerificationError(res)
+
+        if "FAIL" in res.upper():
+            raise SSIVerificationError(res)
+
+        if not "SUCCESS" in res.upper():
+            raise SSIVerificationError("Invalid credential")
+
+        credential = self._decode_token(token)
+
+        if clean:
+            os.remove(vcfile)
+
+        return credential
+
+
     def create_presentation(
         self,
         holder_keypath,
@@ -175,9 +229,16 @@ def verify_presentation(self, holder_did, token, clean=True):
             presentation_submission_output,
             vpfile,
         )
+
         if not code == 0:
             raise SSIVerificationError(res)
 
+        if "ERROR" in res.upper():
+            raise SSIVerificationError(res)
+
+        if "FAIL" in res.upper():
+            raise SSIVerificationError(res)
+
         result = res.split("Overall: ")[1].split("\n")[0].upper()
         if not "SUCCESS" in result:
             raise SSIVerificationError("Invalid presentation")
@@ -236,6 +297,12 @@ def verify_presentation(self, holder_did, token, clean=True):
 assert pre_credential["vc"] == credential_content
 assert pre_credential == ssi._decode_token(pre_token)
 
+verified = ssi.verify_credential(
+    pre_token,
+    allowed_issuer=issuer_did_id,
+)
+assert verified == pre_credential
+
 pre_presentation, presentation_token = ssi.create_presentation(
     holder_keypath,
     holder_did_id,
